eMail enforces AAAA DNS Record and won't send without

Question

I have a problem with a mailserver.

I set up an A and a MX record, I am able to receive mails from different servers, but all outbound mails (to different mail providers) fail with the status:

1) Connection failure: Connection broken during SMTP conversation while talking to mx-ha03.web.de;

2) AAAA-lookup mx-ha03.web.de - DNS server returned answer with no data;

3) Connection failure: Connection broken during SMTP conversation while talking to mx-ha02.web.de;

4) AAAA-lookup mx-ha02.web.de - DNS server returned answer with no data;

5) AAAA-lookup mx-ha02.web.de - DNS server returned answer with no data;

If I dig @8.8.8.8 from the server for mx-ha02.web.de the AAAA record only returns me the SOA.

I am not really sure what's the problem, but my guess is, that the mailserver somehow tries to enforce ipv6 and therefore looks for an AAAA DNS Record.

I have an MX record to my mail.domain.tld and an A record from mail.domain.tld to my public IP Address. And forwarded the smtp / imap ports via iptables. I set up a fitting DNS in /etc/resolve.conf, I disabled IPv6 for the machine and I configured Citadel to only use IPv4.

Why does it still enforce an quad A DNS record which is solely for IPv6? Or do I greatly misinterpret something?

Answer 1

I don't think that's an accurate read of the problem. These two errors are far more glaring:

1) Connection failure: Connection broken during SMTP conversation while talking to mx-ha03.web.de;

3) Connection failure: Connection broken during SMTP conversation while talking to mx-ha02.web.de;

This indicates that the SMTP conversation itself is breaking down, and implies that it was at least able to initiate the connection. Your best next step is to use packet captures to study what is happening during these SMTP transactions from a network level. I would ignore the warnings about absent AAAA records until you can make those two errors go away.